This is one of my favourite anecdotes from wordsmith Neil Gaiman:
Somebody needed my signature on an e-document. So I did a google image search, found one, and dropped it in. Not sure what it proved.
— Neil Gaiman (@neilhimself) October 11, 2011
I'm not quite famous enough to have my autograph plastered all over the Internet - but I do have a JPG copy of my signature stored in a convenient location.
Hand-signed documents - so called "wet signatures" - are a totem. People think that they represent an infallible and unbreakable pact. They don't, of course. So I just paste-in my JPG at the bottom of important documents.
This has only caused me a problem once. I electronically completed a document only to be told that they would only accept hand-signed version. Bollocks to that! I opened the document in a photo editor, rotated it 7 degrees clockwise, and added a paper texture background image. The company accepted it with thanks.
Similarly, I recently had a company tell me they needed a copy of a utility bill to "verify my identity". Like most of the modern world, I only receive bills online. They were happy to accept a screenshot. Now, I'm no artist, but it would be easy for me to digitally manipulate a screenshot or a PDF. So what does it prove?
I suppose I could cryptographically sign my messages. Although I doubt most organisations have the ability to accurately access their authenticity. Heck, I doubt most geeks do, either!
There are some things people do to sort of validate I am who I say I am.
- Check I have access to an online account by asking me to post a specific message from it.
- Check I have access to a physical address by sending me a token in the post.
- Check I have access to knowledge about my first school, favourite sports team, and other security questions probably known by close family and friend.
They are all quite weak indicators. So we fall back on an inky squiggle that's easy to copy and easy to replicate.
We've reached a weird inflection point with identity. There's very little I can do to prove who I am. There's almost zero things you can do to validate what little proof I can offer.